Messages - jessjot

#1
I really don't have anything but the IP addresses which were already reported online.    And what was weird is looking at those, in many instances they claimed to know who was hacking them, and they were different people they knew personally (and not this guy at all, who I don't even know).   
Anyway, I'm just an old x-IT guy, and I never knew networking that well.    This is not my battle, so nix that contacting me thing.   I'm out of it.   

#2
I've got hopes he'll get bored with me and/or can't crack 2 factor authentication lol.
Anyway I talked to this person.  Or at least texted with them.
They claimed to be in school getting an AI degree, and he bragged about speaking Russian.  I saw him texting with someone on FB in that, too.  FB auto-translated it all.
It might have been his native language, I'm not sure.
Not to sound like a cliche (Russian hacker) but in this case it seemed true. 
What if they're using AI somehow, to hack sites?  You know.. run thousands of automated attacks....test their vulnerabilities, and the computer learns to crack in?
Government espionage?   LOL
I dunno.   I can go all day with ideas.   

I guess I'm not going to find anything out about this network.   So they get to snuff around and open my email at their leisure, hiding in their peachy anonymity, nice.
I'm tired of only the hackers being in the know  :|

Anyway if anybody has the skills as a white hat and is curious, msg me I'll give you what I've got.   Could earn you a gryffindor badge.....

#3
This is kinda chilling, looking up the IP that was hacked in my email.
BTW I'm absolutely NOBODY.   I don't work in politics, in fact I'm laid off, lol..... I have no idea why someone would want to sit and monitor me.  They were in there for over a week before I noticed.

https://whois.arin.net/rest/net/NET-107-64-0-0-1/pft?s=107.77.173.4

>>>
Point of Contact
Note   ARIN has attempted to validate the data for this POC, but has received no response from the POC since 2019-12-05
>>>

This subnet, if you forgive my bad terminology (107.77.173) is hacking a LOT of people.   I can only guesstimate by the numbers I'm seeing on abuseipdb.com, maybe 10% of the attempts were actually noticed and reported on the website (1200).   That could easily work out to 12,000 hacking attempts over several years.
But what are those first three numbers, a network?   A server?  Or is it the designation of an IP provider?
All of the hacks I've seen have always had the first 3, and always show that location.

I called AT&T and was transferred around about 18 times, and was told absolutely nothing.  They don't even have a place to report a bad IP.
They basically tried to sell me stuff, then thank you buh-bye.
Strangely no matter where I get transferred at AT&T the same Malaysian woman seems to answer.    And it's been that way for years lol.

#4
Security / Trying to understand IP addresses and a hacker
November 26, 2020, 01:37:30 AM
I met someone on Facebook who was a computer nerd, very secretive and paranoid.     They hid their friend list, work occupation, everything.
We talked awhile and later that night, I noticed an active session showing someone had hacked into my Facebook account from out of town.
It matched generally the area they said they were from.

Some time later, a friend of mine talked to this same person, and they, too, were hacked by someone with the same IP address.   The location was the same- Bolingbrook, Illinois.
Some time after that another person I know, also was hacked by a very similar IP- the first 3 octets the same, but a different 4th octet.
Finally.... some weeks later my AOL mail was hacked.  A remote login session, from a similar IP address.   Again, the first 3 numbers the same, 4th different, but all showing from Bolingbrook, Illinois.
In all these instances they stayed connected- an active, open session.   They didn't just hack in, and leave.

Now, due to circumstances I won't get into...... I know for an absolute fact that this person actually hacked the 3 Facebook accounts.    I strongly suspect they also hacked the AOL account.
My thinking was the hacker has a dynamic IP address- so this would explain why the first 3 numbers are always identical, and the 4th varies.
But here's where my confusion comes in.

When I go to ABUSEIPDB.com, and look up the addresses the hacking is coming from, I see 8 or 9 other people who have reported the same IPs.
Okay, so this person is doing a lot of hacking.

But then I thought I'd check something.
I started going down the list changing the 4th octet, and looking up the same "network" (keeping first 3 numbers the same).   
It's getting kind of unreal, considering the 4th octet goes up to 254 (I don't have all night, but I get the picture of what I'm going to see)
Could this all be one person, doing all this hacking?
Even if there's say 5 hacking instances per dynamic IP, then this person would have hacked over 1200 sites. 
And that would be only the hacks that were caught, AND reported to this website!
Is this '107.77.173.x' a legitimate network/location, like a single person's computer, is it a network of hackers...... or what exactly is this?


107.77.173.1    (3 people reported being hacked)
107.77.173.2    (10 reports....)
107.77.173.3    (5)
107.77.173.4    (12)
107.77.173.5    (6)
107.77.173.6    (4)
107.77.173.7    (5)
107.77.173.8    (2)
107.77.173.9    (9)
107.77.173.10   (14)
107.77.173.11   (8)
107.77.173.12   (10)
107.77.173.13   (2)
107.77.173.14   (3)
107.77.173.15   (1)
107.77.173.16   (2)
107.77.173.17   (1)
107.77.173.18   (2)
107.77.173.19   (0)
107.77.173.20   (6)
107.77.173.21   (3)
107.77.173.22   (2)
107.77.173.23   (5)
107.77.173.24   (4)
107.77.173.25   (3)

...... and on.... and on......

https://www.abuseipdb.com/check/107.77.173.27